File: //usr/share/doc/selinux-policy/html/kernel_storage.html
<html>
<head>
<title>
Security Enhanced Linux Reference Policy
</title>
<style type="text/css" media="all">@import "style.css";</style>
</head>
<body>
<div id="Header">Security Enhanced Linux Reference Policy</div>
<div id='Menu'>
<a href="admin.html">+
admin</a></br/>
<div id='subitem'>
</div>
<a href="apps.html">+
apps</a></br/>
<div id='subitem'>
</div>
<a href="contrib.html">+
contrib</a></br/>
<div id='subitem'>
</div>
<a href="kernel.html">+
kernel</a></br/>
<div id='subitem'>
- <a href='kernel_corecommands.html'>
corecommands</a><br/>
- <a href='kernel_corenetwork.html'>
corenetwork</a><br/>
- <a href='kernel_devices.html'>
devices</a><br/>
- <a href='kernel_domain.html'>
domain</a><br/>
- <a href='kernel_files.html'>
files</a><br/>
- <a href='kernel_filesystem.html'>
filesystem</a><br/>
- <a href='kernel_kernel.html'>
kernel</a><br/>
- <a href='kernel_mcs.html'>
mcs</a><br/>
- <a href='kernel_mls.html'>
mls</a><br/>
- <a href='kernel_selinux.html'>
selinux</a><br/>
- <a href='kernel_storage.html'>
storage</a><br/>
- <a href='kernel_terminal.html'>
terminal</a><br/>
- <a href='kernel_ubac.html'>
ubac</a><br/>
- <a href='kernel_unlabelednet.html'>
unlabelednet</a><br/>
</div>
<a href="roles.html">+
roles</a></br/>
<div id='subitem'>
</div>
<a href="services.html">+
services</a></br/>
<div id='subitem'>
</div>
<a href="system.html">+
system</a></br/>
<div id='subitem'>
</div>
<br/><p/>
<a href="global_booleans.html">* Global Booleans </a>
<br/><p/>
<a href="global_tunables.html">* Global Tunables </a>
<p/><br/><p/>
<a href="index.html">* Layer Index</a>
<br/><p/>
<a href="booleans.html">* Boolean Index</a>
<br/><p/>
<a href="tunables.html">* Tunable Index</a>
<br/><p/>
<a href="interfaces.html">* Interface Index</a>
<br/><p/>
<a href="templates.html">* Template Index</a>
</div>
<div id="Content">
<a name="top":></a>
<h1>Layer: kernel</h1><p/>
<h2>Module: storage</h2><p/>
<a href=#interfaces>Interfaces</a>
<h3>Description:</h3>
<p><p>Policy controlling access to storage devices</p></p>
<hr>
<a name="interfaces"></a>
<h3>Interfaces: </h3>
<a name="link_storage_create_fixed_disk_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_create_fixed_disk_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to create fixed disk device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_delete_fixed_disk_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_delete_fixed_disk_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to create fixed disk device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dev_filetrans_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dev_filetrans_fixed_disk</b>(
domain
,
filename
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create block devices in /dev with the fixed disk type
via an automatic type transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
<tr><td>
filename
</td><td>
<p>
Optional filename of the block device to be created
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dev_filetrans_named_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dev_filetrans_named_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create block devices in /dev with the fixed disk type
via an automatic type transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_getattr_fixed_disk_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_getattr_fixed_disk_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts made by the caller to get
the attributes of fixed disk device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_getattr_removable_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_getattr_removable_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts made by the caller to get
the attributes of removable devices device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_raw_read_removable_device"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_raw_read_removable_device</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to directly read removable devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_raw_write_removable_device"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_raw_write_removable_device</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to directly write removable devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_read_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_read_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts made by the caller to read
fixed disk device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_read_removable_device"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_read_removable_device</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts made by the caller to read
removable devices device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_rw_fuse"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_rw_fuse</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read or write
fuse device interfaces.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_rw_scsi_generic"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_rw_scsi_generic</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts to read or write
SCSI generic device interfaces.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_setattr_fixed_disk_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_setattr_fixed_disk_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts made by the caller to set
the attributes of fixed disk device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_setattr_removable_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_setattr_removable_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts made by the caller to set
the attributes of removable devices device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_write_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_write_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts made by the caller to write
fixed disk device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_dontaudit_write_removable_device"></a>
<div id="interface">
<div id="codeblock">
<b>storage_dontaudit_write_removable_device</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Do not audit attempts made by the caller to write
removable devices device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_filetrans_all_named_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_filetrans_all_named_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create all named devices with the correct label
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_getattr_fixed_disk_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_getattr_fixed_disk_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to get the attributes of fixed disk
device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_getattr_fuse_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_getattr_fuse_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to get the attributes
of device nodes of fuse devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_getattr_removable_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_getattr_removable_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to get the attributes of removable
devices device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_getattr_scsi_generic_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_getattr_scsi_generic_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to get the attributes of
the generic SCSI interface device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_getattr_tape_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_getattr_tape_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to get the attributes
of device nodes of tape devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_manage_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_manage_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create, read, write, and delete fixed disk device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_raw_read_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_raw_read_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to directly read from a fixed disk.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_raw_read_removable_device"></a>
<div id="interface">
<div id="codeblock">
<b>storage_raw_read_removable_device</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to directly read from
a removable device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_raw_rw_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_raw_rw_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to directly read and write to a fixed disk.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_raw_write_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_raw_write_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to directly write to a fixed disk.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_raw_write_removable_device"></a>
<div id="interface">
<div id="codeblock">
<b>storage_raw_write_removable_device</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to directly write to
a removable device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_read_scsi_generic"></a>
<div id="interface">
<div id="codeblock">
<b>storage_read_scsi_generic</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to directly read, in a
generic fashion, from any SCSI device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_read_tape"></a>
<div id="interface">
<div id="codeblock">
<b>storage_read_tape</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to directly read
a tape device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_relabel_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_relabel_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Relabel fixed disk device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_rw_fuse"></a>
<div id="interface">
<div id="codeblock">
<b>storage_rw_fuse</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
read or write fuse device interfaces.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_rw_inherited_fixed_disk_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_rw_inherited_fixed_disk_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to read/write inherited fixed disk
device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
The domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_rw_inherited_removable_device"></a>
<div id="interface">
<div id="codeblock">
<b>storage_rw_inherited_removable_device</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Alow read and write inherited removable devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain to not audit.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_rw_inherited_scsi_generic"></a>
<div id="interface">
<div id="codeblock">
<b>storage_rw_inherited_scsi_generic</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to directly read and write, in a
generic fashion, from any SCSI device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_setattr_fixed_disk_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_setattr_fixed_disk_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to set the attributes of fixed disk
device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_setattr_removable_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_setattr_removable_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to set the attributes of removable
devices device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_setattr_scsi_generic_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_setattr_scsi_generic_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to set the attributes of
the generic SCSI interface device nodes.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_setattr_scsi_generic_dev_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_setattr_scsi_generic_dev_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Set attributes of the device nodes
for the SCSI generic inerface.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_setattr_tape_dev"></a>
<div id="interface">
<div id="codeblock">
<b>storage_setattr_tape_dev</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to set the attributes
of device nodes of tape devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_swapon_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_swapon_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Enable a fixed disk device as swap space
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_tmp_filetrans_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_tmp_filetrans_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create block devices in on a tmp filesystem with the
fixed disk type via an automatic type transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_tmpfs_filetrans_fixed_disk"></a>
<div id="interface">
<div id="codeblock">
<b>storage_tmpfs_filetrans_fixed_disk</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Create block devices in on a tmpfs filesystem with the
fixed disk type via an automatic type transition.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_unconfined"></a>
<div id="interface">
<div id="codeblock">
<b>storage_unconfined</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Unconfined access to storage devices.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_write_scsi_generic"></a>
<div id="interface">
<div id="codeblock">
<b>storage_write_scsi_generic</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to directly write, in a
generic fashion, from any SCSI device.
This is extremly dangerous as it can bypass the
SELinux protections for filesystem objects, and
should only be used by trusted domains.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a name="link_storage_write_tape"></a>
<div id="interface">
<div id="codeblock">
<b>storage_write_tape</b>(
domain
)<br>
</div>
<div id="description">
<h5>Summary</h5>
<p>
Allow the caller to directly read
a tape device.
</p>
<h5>Parameters</h5>
<table border="1" cellspacing="0" cellpadding="3" width="65%">
<tr><th >Parameter:</th><th >Description:</th></tr>
<tr><td>
domain
</td><td>
<p>
Domain allowed access.
</p>
</td></tr>
</table>
</div>
</div>
<a href=#top>Return</a>
</div>
</body>
</html>